Saturday, November 19, 2011

A Nigerian In The Woodpile

IT HAS been a bad week at the Billabong, computerwise. The old and formerly trusty Dell began to do some very peculiar things late last week, but much the same observations have been made of the Professor so the eccentricities were excused and indulged. But then notes began arriving from the ISP asserting that the machine was infected with several species of devilish malware, which were blitzing innocent third parties with spam and other annoyances. No problem, the resident technical adviser asserted, slipping behind the keyboard with all the expansive confidence to which only the young and unbruised are entitled. The Professor did not pay for an expensive private school education without expectation of dividend, so Young Master Bunyip's assurance that a little tweaking and updating of the security software would soon set things to rights seemed a fair return on investment.

Several hours later, a round of golf with Doctor Yowie having resulted in The Professor being obliged to pick up the tab for lunch, the news at home was even more distressing. The curse, the young fellow explained, was something called a rootkit, formerly assumed to signify nothing more sinister than a nice meal, a bottle of rose and some Perry Como on the gramophone. Apparently there is an electronic variant, and it thoroughly stuffs any dot-squiggly stuff to which it becomes attached. Removal is a tricky business, the youngster explained, but he had given it his best shot.

Indeed, it is and he had. As a consequence of his efforts the wireless link no longer worked, the invader was still making mischief and the computer continued to annoy innocent third parties, a fact a further round of correspondence with the ISP established.

The old Dell has been quarantined, an even older laptop pressed into temporary service and the hunt for a replacement model is on in earnest. As the stand-in unit is buggy, cursed with a battery that cannot be recharged, has no wireless capacity and crashes when attempting to open .pdf files, posting will be light until a new model is broken in.

Apologies -- and a question: could this infection have been transmitted by a USB memory stick? Young Master Bunyip admitted to plugging one in when his own laptop was elsewhere, and the problems began not long after.

Also, if readers have any suggestions on which model to buy, they would be much appreciated.

35 comments:

  1. Simple. Get an Apple.

  2. Hmmm. Get an Apple, eh? Young Master Bunyip is a Mac devotee, but I often wonder why. His current unit keeps popping tiles off the keyboard, and the one before that needed to be fixed twice in two years. No disrespect to Apple buffs, but the replacement will be a PC.

  3. I agree, Apples suck. Infections can be spread via USB memory sticks. A good up-to-date antivirus program such as Norton, McAfee or Trend Micro should help prevent future infections.

  4. If you have to get a PC, then make sure you get one that is as similar to an Apple as possible! I've been running Apples for 20 years and only once have I ever needed repairs.

  5. PhillipGeorge(c)2011 November 19, 2011 at 10:43 AM

    I'd recommend the cheapest nastiest deal available at any big store, Harvey Norman etc. Then go to a technology swap [http://www.technologymarkets.com.au/] meet and get the RAM upgraded to whatever it will take. [I recently went from 2 GB to 8 GB of RAM for $80]

    You will end up with a reasonable processor with a smallish harddrive but good RAM; all cheaper than if you tried to source it that way straight from regular retail. [When the hard drive fills up you can get an external harddrive for only about $70]

    The swap meets specialize in tweaking and accessories at a lot cheaper than retail but cannot match the retail for volume on new machines.

    Either way plan to throw the machine away in 12 months because whatever you buy today will be totally obsolete in 6 months. Actually, if you can buy it today it is already obsolete. You are being milked but some of the cream from your teats does flow into R&D.

    Finally, live long and prosper, the force is with you.

  6. Can it come in via a USB stick? Hell yes. I looked at a report at work last week of all the virus infections across our fleet of 20-something thousand machines. All of them originated on a USB stick.

  7. Whatever. But get on with it, and quick smart. I thought it might have had something to do with the nurses' strike, that the addictive drip of billabong pain relievers had been so cruelly terminated. Fie! A crippled laptop? They are giving the things away. Except Apple, which will shamelessly unburden you of all treasure.

  8. Speaking of USB sticks with viruses, even IBM have had this problem with their promo sticks at conference a few years back.

  9. Bunyipitude,

    A bit radical chucking a PC because of a virus.

    Let's get sensible. Firstly, what are the specs for the old Dell? Do you do anything other than browse and blog?

    I fought a rootkit virus earlier in the year. I killed it but the operating system was in such a mess I had to wipe the hard-drive and reinstall Windoze. Should have done it immediately and not wasted hours trying to tackle the beast.

    So, suggestion from a computer consultant, get Master Bunyip to:

    1. Wipe hard-drive;
    2. Reinstall Windoze etc via original Dell disks;
    3. Install decent rootkit-killing-enabled anti-virus;
    4. Install your favourite software.

    Time to complete: 3 hours.
    Cost: $0 (or suitable nectar to Master Bunyip)

    Simon

  10. I recently bought a Dell XPS 15z which is compared to the slim Apple in slimness. It has your 8Gb ram etc and actually is fast.

  11. Upgrading, via PG's suggestion, would be useful if you have the time, but having a reliable platform is all-important. Two brands (I have the first, now 5 years old) seem to be recommended in that regard, Toshiba and Asus.

  12. PhillipGeorge,

    A PC is not obsolete via age, it is obsolete only when it no longer can run the software you use because its hardware demands have become too great for your current kit.

    If all you do is use a web browser, email client for web activities and blogging, any PC up to 5+ years old running Windoze XP is fine. If you write articles using Word or LibreOffice then you are still good to go with old hardware as long as you are producing text. Where things get hard is when you are doing multimedia stuff.
    Eg photoshopping or editing your digital photos etc.

    For older hardware: get more ram, get a 7200rpm harddrive, keep all drivers (and bios) up to date. Finally, remember the Microsoft 1500km service: remove and replace the engine (operating system) every year.

    (Note: written on my iPad whose cpu/ram etc is less than your Dell - most likely.)

    Oh, I practice what I preach!

    Simon

  13. Matt is clearly bereft of any significant experience with Apple, and young Master Bunyip too heavy on the keyboard and too careless with his machines.

    I have used Apple for over 25 years. I have never had a virus, malware, or any other of the problems that constantly afflict my wife's PC. They don't use half their capacity running an OS that makes Bill Gates rich and a PC like a second rate Apple. Their design philosophy is centred on the user, not the IT guy. They require less IT support (which is why the Nerds hate them).

    Wake up and smell the Apple blossom!

  14. Elizabeth (Lizzie) B. November 19, 2011 at 12:34 PM

    My personal bodyguard has changed from the British-sounding chappie (Norton) to what I am sure is a ruggedly-reassuring Scot (McAfee). This is due to a new computer and its installation by an accompanying technician, a fan of all things 'Celtic'. The bad news is that the highest technical advice available from friends in the halls of computer academe advises we defenders are all generally buggered; the bad guys fight dirty and are well ahead of our defensive games. Take double-barrelled Phil's advice good Professor, back-up, defend, change and update regularly and treat all forms of connection and insertion like a health hazard - caution and protection needed until proved otherwise. We do not want to miss another four days splashing in the Billabong.

  15. Now this Meerkat is a Network Engineer and not a Security Specialist but a rootkit infection sends a few alarm bells ringing when I consider the Professor is a well known conservative blogger. I'd take a guess that if there had been a well configured PIX or Juniper hardware Firewall sitting in front of the Billabong PC we would have seen what we call in the trade "interesting traffic".
    Regarding a new PC suggest go mainstream with Dell or give young Master Bunyip a $1000 budget for a Pentium i5 box with a decent quality case and power supply unit and make sure it has 4Gig of RAM in it, further instruct Master Bunyip to make it dual boot, Ubuntu Linux for the outside world and Windows for local use.

  16. On the information superhighway I am roadkill so can therefore only say Thank goodness you're back Professor. Would love your thoughts on the recent trip of The One and the circus surrounding The One's visit - perhaps your comments could extend to our own girl-on-a-pony's behaviour but then again dare you risk inviting another rootkit. Cheers.

  17. Why not just reinstall the operating system on the old Dell. Then it's just like new. Save your data files first. Or if needed upgrade to a new machine with windows7 already installed. For most people, they shouldn't need to replace it more than every 5-10 yrs, depending on what it's for.

  18. Jnr Bunyip should be aware of taking precautions?

  19. It is rumoured that a USB stick carried the stuxnet virus into the Iranian nuclear facility - in this case, a force for good.

  20. USB as source: almost certainly. Would suggest that the Young Master check his own assorted devices for infections. Until such time, his various bits should be quarantined.

    I use Free AVG from www.grisoft.com for virus protection and it hasn't failed me in almost 10 years.

    I have recently purchased this laptop, from this seller and can recommend it. A good, solid machine at a good price, and the seller is reliable: http://www.ebay.com.au/itm/SAMSUNG-CORE-i5-TURBO-15-16-8G-640G-BlueTooth3-nVidia-/160674882148?pt=AU_comp_laptop&hash=item2568f82264

  21. I agree with most of what Simon Says except his profligate use of the sad and tasteless Apple junk.

    No need to get a new computer. Just reformat your hard drive and reinstall Windows. This will eliminate any virus your computer may have had.

    I would expect this to take longer than 3 hours however by the time you reinstall all of your stuff. You should write down a log of the process to make it easier next time.

    When you have your fresh installation working, consider making a image backup copy of your hard drive to a USB backup drive using Paragon or similar software. Your expensively educated offspring should be able to handle these small details.

    All of the above assumes that you have kept the Windows installation disks for your laptop of course. If not you might be better off getting a new one. A cheap S/H laptop would also do the trick if your computing needs are not extensive.

  22. Prof, do not under even the most extreme circumstance buy a Samsung, anything but a Samsung. I can guarantee you'll regret it if you do.

  23. Beware the false prophets! Dell is Crap! Go Macintosh and be virus-free. (Can't speak for fire blight!)

  24. I recommend Apple for three reasons.

    1. When you purchase a new Apple computer, you can purchase Applecare, which provides hardware and software support for three years. The solution to the vast majority of problems is a phone call away

    2. No viruses in the real world

    3. Easy to use

    I suspect the problem with the keyboard is mashing the keys while playing games. That's what cheap keyboards are for

  25. Get an Apple.
    You'll never go back.
    To transition gently, get some Fusion software and run the latest Windows on the same Mac.

    Only Mac downside is the pathetic battery killing wireless keyboard, get an Apple USB keyboard.

  26. "....was something called a rootkit, formerly assumed to signify nothing more sinister than a nice meal, a bottle of rose and some Perry Como on the gramophone"

    Good Lord, nearly lost my mouthful of coffee with that one.

  27. I can see why people like the fruitbox - always a few devotees. Surprised to see so many in the comment though. I would go with Meerkat and give Ubuntu a whirl.

  28. Stick with PCs. The IT nerds who warned us of the Millennium Bug tell us they are the best! (Not that they might have an interest in either).

  29. Wipe the windows and replace it with a nice Free distribution of Linux. (Ubuntu, Fedora, Mint etc)

    No viruses, no expense, doesn't mind older hardware and runs LibreOffice.

    I haven't used windows in years and since using Linux had no real need to spend money upgrading my computers.

  30. I've had rootkits and removed them, but it is my area of expertise. The problem with a rootkit is that it operates at a level below the operating system and it is programmed to hide evidence of itself. There are likely files on your hard disk which don't even appear to the user or programs at the OS. Removal involves booting up from a separate device such as a Boot CD equipped with the removal tools and following the removal instructions for your infection. Some rootkits will even stop you browsing the sites which tell you how to remove them. (http://www.bleepingcomputer.com/ is good)

  31. "There are likely files on your hard disk which don't even appear to the user or programs at the OS."

    I didn't know that. In that case Bunyip, you need to reformat the hard disk drive before installing the operating system. You should be able to do this when you put the OS disk in the DVD reader.

  32. I suspect that those opposed to using a Mac have never used one.
    Aside from the evangelical b.s. all too common with the faithful it is abundantly clear to this misfit that the Mac rules.
    Not because it is so good...it has (gulp) some faults... but because the PC is so bad.
    Screw all PC users who have pushed me into the Witness Protection Programme by forcing me to make this observation.
    OTH the conversion of The Bunyip to the Mac congregation may save my miserable yet very worthy hide.

  33. Picked up a rootkit doing a net search after no probs for a couple of years with XP and Microsoft Security Essentials. Seems the villains like attacking XP and IE8 vulnerabilities now whereas Windows7 and IE9 are much more secure nowadays. The local nerd tried his special malware CD in Safe Mode and appeared to fix it but back it came. Sends you off to other sites with net searches so presumably someone's getting paid for hits and that's a big problem for the advertisers now. Also these rootkits have been attached to some big trusted sites (usually on weekends) and the latest was malware carrying a Trust certificate sourced back to a Malaysian Govt Dept. This sort of development is already sending some Verify/Trust companies broke.

    With a 5 yr old computer, experience told me never upgrade hardware, so I settled on a new basic i3 64bit Dell with Windows7 for $499 online. (Pro or Ultimate allow you to operate in familiar XP mode) You go upmarket with processing and more than 4GB ram only for gaming and graphics. Keep the OS on the internal HDD and all files and data save on another external drive and clone the OS (with Office, etc) to disk for a format and reinstall should the inevitable happen again. Besides Windows gets clunky and slow after a time so a clean install at least 12 monthly is de rigueur.

    By the way don't think you'll just go back to a restore point because that's the first thing the rootkit virus prevents, as well as from downloading malware and antivirus tools after it shuts off yours. Clever beggars aren't they?

    Don't be suckered by extended hardware warranties either, as under the new Australian Consumer Law it must last a 'reasonable' time. The ATO allow 3 years to fully depreciate computer hardware so 'the last seller' can't really argue with the ACCC using that guideline to enforce your new inalienable consumer rights as of last January. Manufacturer warranty or purchase price doesn't enter into it, but clearly the retailer being around for the 3 years does.

    observa

  34. So much for the best antivirus programs-
    http://www.zdnet.com.au/f-secure-finds-rare-digitally-signed-malware-339326171.htm

    observa

  35. Go with the reformat then get an anti-virus eg AVG.
